CavalierGPT: The First Comprehensive Infostealers AI Bot - Try Now →

Created by: sharat87

Date created: 2022-12-29

Last edited: 2023-01-24

Description: Heatmap of (sub)techniques mentioned in Sekoia.io’s report “New RisePro Stealer distributed by the prominent PrivateLoader”: https://blog.sekoia.io/new-risepro-stealer-distributed-by-the-prominent-privateloader/

Techniques (20)

  • Account Discovery

    ID: T1087

    Tactics: Discovery

    Description:

  • Credentials from Web Browsers

    ID: T1555.003

    Tactics: Credential Access

    Description:

  • Data from Information Repositories

    ID: T1213

    Tactics: Collection

    Description:

  • Deobfuscate/Decode Files or Information

    ID: T1140

    Tactics: Defense Evasion

    Description:

  • File and Directory Discovery

    ID: T1083

    Tactics: Discovery

    Description:

  • File and Directory Permissions Modification

    ID: T1222

    Tactics: Defense Evasion

    Description:

  • Indicator Removal from Tools

    ID: T1027.005

    Tactics: Defense Evasion

    Description:

  • Obfuscated Files or Information

    ID: T1027

    Tactics: Defense Evasion

    Description:

  • Process Discovery

    ID: T1057

    Tactics: Discovery

    Description:

  • Query Registry

    ID: T1012

    Tactics: Discovery

    Description:

  • Registry Run Keys / Startup Folder

    ID: T1547.001

    Tactics: Persistence, Privilege Escalation

    Description:

  • Screen Capture

    ID: T1113

    Tactics: Collection

    Description:

  • Shared Modules

    ID: T1129

    Tactics: Execution

    Description:

  • Software Discovery

    ID: T1518

    Tactics: Discovery

    Description:

  • Steal Web Session Cookie

    ID: T1539

    Tactics: Credential Access

    Description:

  • System Information Discovery

    ID: T1082

    Tactics: Discovery

    Description:

  • System Language Discovery

    ID: T1614.001

    Tactics: Discovery

    Description:

  • System Location Discovery

    ID: T1614

    Tactics: Discovery

    Description:

  • System Owner/User Discovery

    ID: T1033

    Tactics: Discovery

    Description:

  • Windows Credential Manager

    ID: T1555.004

    Tactics: Credential Access

    Description:

infostealers-logo

BE THE FIRST TO KNOW

Get FREE access to Cavalier GPT

Stay informed with the latest insights in our Infostealers weekly report.

Receive a notification if your email is involved in an Infostealer infection.

No Spam, We Promise

BE THE FIRST TO KNOW

Get FREE access to Cavalier GPT

Stay informed with the latest insights in our Infostealers weekly report.

Receive a notification if your email is involved in an Infostealer infection.

No Spam, We Promise